forwarders overriding zone delegation.
Joseph S D Yao
jsdy at cospo.osis.gov
Fri Sep 22 21:56:44 UTC 2000
On Fri, Sep 22, 2000 at 05:43:08PM -0400, Bob Vance wrote:
> What's the logic behind this?
>
> If we delegate a sub-domain, then we have the NS records for that
> sub-domain, right?
> So why should a global "forwarders" statement in our config override
> that
> knowledge. It seems silly to me to pass a query on to some other server
> when we have the necessary info at hand.
>
> I know that we can override the override :) by creating a zone
> of type "forward" for each delegation, but that could be a lot of work
> if there are several delegations.
> Why isn't there just a single option that says,
> "delegations override global forwarding" ?
I can pull in all the delegations I want through my firewall, or even
declare some as being outside my firewall, but I still won't be able to
access them unless I default to forwarding through my firewall.
I _do_ have a lot of internal forwards in my configuration. I could
also replace them all with stub-type zones that just turn forwarding
off, in the case of delegations (not all are delegations of the master
zone; some even have different TLDs). But (a) I got the forwarding
working as the universal solution before I understood "stub" zones [I
was coming from V4], and (b) it would be two different solutions for
two groups of internal nodes, and those who come after me might not
understand the difference. Yes, even if I document it well.
Once set up, it is not that hard to maintain.
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
More information about the bind-users
mailing list